In This Section: |
Central Deployment Tool (CDT) can run in these operation modes:
Mode |
Description |
---|---|
Basic |
Installs a package, and/or run Pre-Installation and Post-Installation scripts on the specified Security Gateways. |
Advanced |
Runs a Deployment Plan - a list of predefined actions (such as a major upgrade, a Hotfix installation, run a post-installation script, and so on) on the specified Security Gateways. |
RMA |
Automates the RMA backup and restore process. |
Introduction:
CDT Basic Mode lets you:
Workflow:
CentralDeploymentTool.xml
file to change the settings (see Elements of the CDT Primary Configuration File):Note - You can edit the Candidates List file (see Introduction to the Candidates List) to make sure the specified Security Gateways are not included.
Note: If you use preparations, or extended preparations method, the CDT does not run the Pre-Installation scripts again.
To generate an Installation Candidates List:
Management Server |
Instructions |
---|---|
Security Management Server |
# ./CentralDeploymentTool –generate <Name of Candidates List file>.csv |
Multi-Domain Security Management Server |
# mdsenv <IP Address or Name of Domain Management Server>
# ./CentralDeploymentTool -generate <Name of Candidates List file>.csv <IP Address or Name of Domain Management Server> |
Preparations (Pre-Installations):
If you have a tight maintenance window, use the preparations mode to save deployment time and prepare in advance. In this scenario, the CDT does these actions:
/var/log/upload/
directory)./var/log/upload/
directory).To use simple preparations on all marked candidates in the Candidates List, run:
Management Server |
Instructions |
---|---|
Security Management Server |
# ./CentralDeploymentTool -preparations <Name of Candidates List file>.csv |
Multi-Domain Security Management Server |
# mdsenv <IP Address or Name of Domain Management Server>
# ./CentralDeploymentTool -preparations <Name of Candidates List file>.csv <IP Address or Name of Domain Management Server> |
Extended Preparations (Extended Pre-Installations):
You can extend the preparations flow. In this scenario, the CDT does these actions:
/var/log/upload/
directory)./var/log/upload/
directory).Note - Update of the CPUSE Agent might cause short connectivity loss in some rare cases.
To use extended preparations on all marked candidates, run:
Management Server |
Instructions |
---|---|
Security Management Server |
# ./CentralDeploymentTool -extended_preparations <Name of Candidates List file>.csv |
Multi-Domain Security Management Server |
# mdsenv <IP Address or Name of Domain Management Server>
# ./CentralDeploymentTool -extended_preparations <Name of Candidates List file>.csv <IP Address or Name of Domain Management Server> |
Installation:
Management Server |
Instructions |
---|---|
Security Management Server |
# ./CentralDeploymentTool -install <Name of Candidates List file>.csv |
Multi-Domain Security Management Server |
# mdsenv <IP Address or Name of Domain Management Server>
# ./CentralDeploymentTool -install <Name of Candidates List file>.csv <IP Address or Name of Domain Management Server> |
The CDT shows the installation progress on the screen.
CDT writes the progress details at 5 seconds intervals to these files in the directory of the CentralDeploymentTool
binary file:
File |
Description |
---|---|
|
Full description of the last completed stage and current stage of all Security Gateways and Cluster Members statuses. |
|
Brief description (current stage only) of all Security Gateways and Cluster Members statuses currently in execution. Useful if your screen area is limited. |
We recommend to run the watch
command to read the file continuously.
Example:# watch -d cat CDT_status.txt
Note - The error is blocking, if the package fails to install, or if you defined an installation script as blocking with the parameter "IsBlocking
" (see Elements of the CDT Primary Configuration File).
Retry:
If the installation failed on some of the Security Gateways, but continues on the remaining Security Gateways:
CDT tries to continue execution on failed Security Gateways and Cluster Members, starting from the last failed stage. Retry is only possible when the CDT runs. To perform retry:
Management Server |
Instructions |
---|---|
Security Management Server |
# ./CentralDeploymentTool -retry |
Multi-Domain Security Management Server |
# mdsenv <IP Address or Name of Domain Management Server>
# ./CentralDeploymentTool -retry <IP Address or Name of Domain Management Server> |